Empowering Organisations to Thrive in the Face of Cyber A ttacks

1. Empowering Organisations to Thrive in the Face of Cyber Attacks An introduction to Resilient Systems • Paul Ayers – General Manager, EMEA • Chris Neely - Director of Sales Engineering, EMEA

2. AGENDA • Market Landscape • About us • New incident response model • How it works • Live demonstration

3. Dramatic increase of security incidents and breaches The Rise of Cyber Incidents Global State of Information Security 2015

4. Massive move in security spending is underway Research conducted April ‘15 by Pierre Audion Consultants 61% 77% Average spend today Average spend in 2 years Prevent & Protect 75% 60% Median spend in 2 years Median spend today 39% 23% Average spend in 2 years Average spend today Detect & Respond 25% 40% Median spend in 2 years Median spend today

5. Incident Response Evolution Incident Response evolution • Proven and Robust Processes / Best Practice • Historically rudimentary tooling • Now a defined market “Security incident response platforms (SIRPs) contain specialized capabilities intended specifically to support the response to security incidents” Spreadsheets Ticketing Sharepoint Email Technology Overview for Security Incident Response Platforms

6. OUR MISSION Resilient Systems empowers organizations to thrive in the face of cyberattacks and business crises.

7. Resilient Systems Pioneers in incident response • Founded in 2010, created the first Incident Response Platform (IRP) • Winning awards for innovation — and so are our customers • World leader in incident response management bringing together people, process and technology • Bruce Schneier, CTO — the leading security industry guru • Headquartered in Cambridge, MA and London, UK Most Innovative Product In Germany

8. Why response PRODUCTS PREVENTION DETECTION RESPONSE SERVICES

9. Select global customers FINANCIAL MANUFACTURING HEALTHCARE TECHNOLOGY INSURANCE CRITICAL INFRASTRUCTURE PROFESSIONAL SERVICES TELECOM RETAIL HOSPITALITY FEDERAL

10. PLATFORM OVERVIEW

11. A new approach to incident response PEOPLE PROCESS Brings together people, process and technology to transform, orchestrate and empower your incident response INCIDENT RESPONSE TECHNOLOGY

12. A new approach to incident response It enables rapid collaboration within the IR Team and across the organization PEOPLE PROCESS INCIDENT MARKETING LEGAL BUSINESS CISO RESPONSE TECHNOLOGY CSIRT SOC FORENSICS IR

13. A new approach to incident response • Action plans (NIST) • Organizational SOPs • Event orchestration • Task management • Global data privacy obligations • Tabletop exercises PEOPLE PROCESS INCIDENT RESPONSE TECHNOLOGY

14. A new approach to incident response PEOPLE PROCESS INCIDENT Brings together all your existing security investments in one place RESPONSE TECHNOLOGY

15. Our unique value • Creates a single hub for all IR • Empowers teams to work more intelligently • Agile platform • Custom Action Module • Compatible with all other systems PREPARE PEOPLE INTELLIGENCE FEEDS SIEM EXTERNAL COMMUNICATION MITIGATE ASSESS TICKETING INCIDENT RESPONSE PLATFORM CONFIGURATIONMGT EMAIL PROCESS MANAGE CUSTOM PORTAL SANDBOX ASSET DATABASE FORENSICS

16. Resilient incident response platform AUTOMATED ESCALATION SIEM EMAIL ENTRY WIZARD TROUBLE TICKETING WEB FORM EASY COLLABORATION RESILIENT IRP MODULES INFRASTRUCTURE INTEGRATION • Directory • Endpoint forensics • Threat Intelligence • Endpoint controls • Network controls ACTION SECURITY PRIVACY DASHBOARDS & REPORTING INCIDENT TIMELINE STATUS INCIDENTS BY TYPE OVER TIME CUSTOMDASHBOARDS & REPORTS TEAM UTILIZATION CSO DASHBOARD

17. Sample case study – Fusion Project Blue Coat Tanium Bit 9 Bromium • iSIGHT • FS-ISAC • Etc. QRadar Splunk Remedy Escalate / Sync TIFP Aggregated Normalized Enrich Escalate / Sync Resilient Platform Action Module AD Threat Services Enrich Artifact Lookup CMDB Analyst

18. DEMONSTRATION

19. Q & A